20 matches found
Debian: Security Advisory (DLA-301-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : python-django-1.8.7-1.fc22 (2015-323274d412)
Update to 1.8.7 , fixing CVE-2015-8213 rhbz1285278 ---- python- django-1.8.4-1.fc22 - Do not install bash completion for python executables Ville Skytta, rhbz1253076 - CVE-2015-5963 Denial-of-service possibility in logout view by filling session store rhbz1254911 - CVE-2015-5964 Denial- of-servic...
Fedora 23 : python-django-1.8.6-1.fc23 (2015-1dd5bc998f)
rebase to 1.8.6 rhbz1276914 ---- rebase to 1.8.5 rhbz1276914 ---- python-django-1.8.4-1.fc23 - Do not install bash completion for python executables Ville Skytta, rhbz1253076 - CVE-2015-5963 Denial-of-service possibility in logout view by filling session store rhbz1254911 - CVE-2015-5964...
Fedora Update for python-django FEDORA-2015-323274
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0327)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package python3-module-django version 1.8.5-alt1
Oct. 13, 2015 Alexey Shabalin 1.8.5-alt1 - 1.8.5 - fixed CVE-2015-5143, CVE-2015-5144, CVE-2015-5145, CVE-2015-5964, CVE-2015-5963...
Security fix for the ALT Linux 9 package python3-module-django version 1.8.5-alt1
Oct. 13, 2015 Alexey Shabalin 1.8.5-alt1 - 1.8.5 - fixed CVE-2015-5143, CVE-2015-5144, CVE-2015-5145, CVE-2015-5964, CVE-2015-5963...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores...
Debian DLA-301-1 : python-django security update
denial of service possibility in logout view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated with django.contrib.auth.decorators.loginrequired as done in the admin. This could allow a...
[SECURITY] [DLA 301-1] python-django security update
Package : python-django Version : 1.2.3-3+squeeze14 CVE ID : CVE-2015-5963 CVE-2015-5964 Denial-of-service possibility in logout view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasnt decorated wi...
DLA-301-1 python-django - security update
Bulletin has no description...
CVE-2015-5964
The 1 contrib.sessions.backends.base.SessionBase.flush and 2 cachedb.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service session stor...
CVE-2015-5964
The CVE-2015-5964 issue affects Django where the functions contrib.sessions.backends.base.SessionBase.flush and cache_db.SessionStore.flush can create empty sessions in certain circumstances, enabling a remote attacker to exhaust the session store and cause a denial of service. Affected versions ...
[USN-2720-1] Django vulnerability
========================================================================== Ubuntu Security Notice USN-2720-1 August 18, 2015 python-django vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Debian DSA-3338-1 : python-django - security update
Lin Hua Cheng discovered that a session could be created when anonymously accessing the django.contrib.auth.views.logout view. This could allow remote attackers to saturate the session store or cause other users' session records to be evicted. Additionally the...
Ubuntu: Security Advisory (USN-2720-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : django -- multiple vulnerabilities (b0e54dc1-45d2-11e5-adde-14dae9d210b8)
Tim Graham reports : Denial-of-service possibility in logout view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated with django.contrib.auth.decorators.loginrequired as done in the admi...
[SECURITY] [DSA 3338-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3338-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini August 18, 2015 https://www.debian.org/security/faq -...
django -- multiple vulnerabilities
Tim Graham reports: Denial-of-service possibility in logout view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated with django.contrib.auth.decorators.loginrequired as done in the admin...